View All Documents & Correspondence
A System And Method Of Securely Accessing A Third Party Application
Abstract: An application hosting system for providing an application to a mobile communication device is disclosed. The application hosting system comprising a mobile interface configured to communicate with a mobile communication device and further configured to receive a mobile communication device request from a mobile communication device, the mobile communication device request including a security code generated by the mobile communication device and embedded in the mobile communication device request. The application hosting system further comprising an authentication processor operatively communicating with the mobile interface and configured to determine the presence of a security code within the mobile communication device request; the authentication processor further configured to verify the security code for the mobile communication device and on a successful verification providing the requested application to the mobile communication device.
Notices, Deadlines & Correspondence
Patent Information
Applicants
MCHEK INDIA PAYMENT SYSTEMS PVT. LTD
Inventors
1. PRAVEEN PATIL
2. VALERIE ROZYCKI
3. SURESH ANANTPURKAR
Specification
FIELD OF THE INVENTION
The invention relates to a system and method for enabling a mobile user to access an application or service. More particularly, the invention relates to the system and method for accessing an application via an automated authentication process.
BACKGROUND
Existing cellular or wireless communication systems are still exploring the capabilities of mobile communication devices to securely access applications. These systems provide limited secure access to the applications.
An inherent problem linked with the internet and mobile commerce and communication is security, particularly when transfer of funds, authentication of an individual or transaction, or conducting a third-party transaction is involved. Conventionally, in order to securely access applications, users were required to authenticate themselves, often by way of an independent authentication process. Such authentication processes require passwords to be generated by a registration process between the mobile user and the authenticated system. Such passwords are generated before accessing an application and the mobile user is required to remember them. The user thus has to enter the password or security code manually, each time before he can access the application. Besides being inconvenient and cumbersome for users, this could lead to security concerns, as the user's password is liable to be misplaced or misused.
BRIEF DESCRIPTION OF DRAWINGS
The following is a brief description of the preferred embodiments with reference to the accompanying drawings. It is to be understood that the features illustrated in and described with reference to the drawings are not to be construed as limiting of the scope of the invention. In the accompanying drawings:
Figure 1 illustrates Mobile Client architecture and Server Side architecture in accordance with an embodiment.
Figure 2 illustrates the menu flow for accessing an application on the Mobile Client in accordance with an embodiment.
Figure 3 illustrates a byte code structure to launch the Mobile Browser with a specific URL in accordance with an embodiment.
Figure 4 is a schematic illustration of securely accessing an application from an Application Hosting System Web Interface or an Authentication System Web User Interface in accordance with an embodiment.
Figure 5 illustrates a schematic diagram showing an Application Hosting System pushing an application on the Mobile client in accordance with an embodiment.
Figure 6 illustrates the validation or pupation of the Mobile Client or the Security Code
Generator in accordance with an embodiment.
SUMMARY
A system for accessing an application from an application hosting system is disclosed.
The system comprising a user interface configured to be provisioned on a mobile
communication device and further configured to receive a user request to access the
application from the application hosting system on the mobile communication device.
The system further comprises a processing engine configured to be provisioned on a mobile communication device that is capable of generating a mobile communication device request to access the application from the application hosting system on the mobile communication device. The system further comprises of a security code generator that is configured to generate a security code and to transmit the security code to the processing engine such that the processing engine is configured to obtain the security code from the security code generator in response to the user request and to embed the security code obtained from the security code generator within the mobile communication device request and a mobile browser configured to transmit to the application hosting system the mobile communication device request including the embedded security code.
An application hosting system for providing an application to a mobile communication device is disclosed. The application hosting system comprises a mobile interface that is configured to communicate with a mobile communication device and further configured to receive a mobile communication device request from a mobile communication device, the mobile communication device request including a security code generated by the mobile communication device and embedded in the mobile communication device request. The application hosting system further comprises an authentication processor operatively communicating with the mobile interface and configured to determine the presence of a security code within the mobile communication device request; the authentication processor further configured to verify the security code for the mobile communication device and on a successful verification provides the requested application to the mobile communication device.
In accordance with an aspect, the application hosting system receives from the mobile communication device a mobile communication device request to access the application. The mobile communication device request includes a security code generated by the mobile communication device and embedded in the mobile communication device request. The application hosting system determines the presence of a security code within the mobile communication device request and identifies the security code. The application hosting system verifies the security code for the mobile communication device and on a successful verification provides the requested application to the mobile communication device.
DETAILED DESCRIPTION
For the purpose of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the invention is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of the invention as illustrated therein being contemplated as would normally occur to one skilled in the art to which the invention relates.
It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and are not intended to be restrictive thereof. Throughout the patent specification, a convention employed is that in the appended drawings, like numerals denote like components.
Many of the functional units described in this specification have been libeled as modules, in order to more particularly emphasize their implementation independence. For example, a module may be implemented as a hardware circuit comprising custom very large scale integration circuits or gate arrays, off-the-shelf semiconductors such as logic, chips, transistors, or the other discrete components. A module may also be implemented in programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices or the like.
Modules may also be implemented in software for execution by various types of processors. An identified module of executable code may, for instance, comprise one or more physical or logical blocks of computer instructions which may, for instance, be organised as an object, procedure, or function. Nevertheless, the executables of an identified module need not be physically located together, but may comprise disparate instructions stored in different locations which, when joined together, comprise the module and achieve the started purpose for the module.
Indeed, a module of executable code could be a single instruction, or many instructions, and may even be distributed over several different code segments, among different programs, and across several memory devices. Similarly, operational data may be identified and illustrated herein within modules, and may be embodied in any suitable form and organised within any suitable type of data structure. The operational data maybe collected as a single data set, or may be distributed over different locations including over different member disks, and may exist, at least partially, merely as electronic signals on a system or network.
Reference throughout this specification to "one embodiment" "an embodiment" or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrase "in one embodiment", "in an embodiment" and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.
The invention relates to a system and method for enabling a mobile user to access an application or a service. The invention also relates to a system and method for accessing an application via an automated authentication process. A security code is automatically generated and transmitted in the authentication process. The security code may include by way of example a pass code generated by a Pass code generator or an Initiative for Open Authentication cryptogram (OATH) generated by an OATH generator. The security code is generated in the process of accessing the application and validated by the application hosting system or an authentication system.
The mobile user may access and obtain the application through the mobile communication device. Alternatively, the application hosting system may push an application on the mobile communication device of the user. The application is provisioned to the mobile user only after a successful authentication. The mobile communication device is provided with a mobile client for generating and transmitting the security code and for securely accessing the application.
In the embodiments illustrated, a system for accessing an application from an application hosting system is referred as mobile client.
An application hosting system may be an independent institution facilitating tasks or transactions over a communication channel. An application hosting system may be linked with an authentication system, to authenticate and verify users and tasks or transactions on behalf of the application hosting system. An application hosting system may be a Financial Institution, a Baler, a service provider, etc.
An application may be any service or application provided by a service provider on the mobile communication device. Examples of application may be online banking on the mobile communication device, gaming applications or any other service/ application.
An OATH cryptogram may be generated by the OATH generator. The OATH cryptogram may comprise of counters and keys. OATH provides solutions that allow for strong authentication of all users on all devices, across all networks. OATH is a global authentication technology allowing devices and users to be authenticated.
A pass code is a one time use code generated by a Pass code generator. A random and unique pass code is automatically generated every time the mobile user tries to access an application. The pass code is verified against an expected value by the verifier i.e. the Application Hosting System or Authentication system. The applicants prior application;
PCT/IN2008/000389 describes the application of a pass code and a pass code generator in a mobile environment.
Figure 1 illustrates the mobile client architecture 100 and the server side architecture 102 in accordance with an embodiment. The mobile client architecture 100 includes a User Interface 104, a Message Handler 106, a Processing Engine 108, a Mobile Browser 110, and a Security Code Generator 112. The Security Code Generator 112 may be, by way of example, an OATH generator 114 or a Pass code generator 116. The server side architecture 102 includes an Application Hosting System 118 and may also include an Authentication System 120 including an Authentication Server 122. The server side architecture 102 may also include an Authentication System Web User Interface 124 and an Application Hosting System Web Interface 126. The Application Hosting System 118 includes an Application hosting Server 128. The mobile client 100 present on the mobile communication device may in communication with the Authentication System 120. The mobile client 100 may be present on the mobile communication device of the user or may reside on a SIM card.
The mobile client 100 is module adapted to receive and display data contents such as web pages, applets, menus, etc. The mobile client 100 may be application software or a web browser or dynamic menus built specifically for mobile communication devices. The mobile client 100 can be downloaded from the World Wide Web or may be provided as functionality on the SIM card or can be pushed by the Authentication System 120 or Application Hosting Server 128 onto the mobile communication device of the user.
In accordance with an aspect, the mobile client 100 is a small application and may be easily stored on the SIM card or the storage area of the mobile communication device and may be provided with interfaces for the operating system of the mobile communication device.
The mobile client 100 enables seamless communication between the mobile communication device and the Application Hosting System regardless of underlying communications protocols. The mobile client 100 can identify mobile communication device capabilities and can cause data contents to be adapted to accommodate display and input limitations of mobile communication device.
The User Interface 104 of the mobile client 100 has the capabilities to show the menus, web pages on the mobile communication device of the user. The User Interface 104 is an interactive module on the mobile communication device wherein the user can interact with the World Wide Web and the mobile client 100.
The Message Handler 106 is a module configured to communicate with the Authentication System 120. The Message Handler 106 verifies the details of the messages received from the Authentication System 120 and forwards the message to the Processing Engine 108 for execution.
The Processing Engine 108 is a module responsible for handling and execution of the messages and for securely accessing applications. The Processing Engine 108 is configured to launch a mobile browser 110 with a URL (Uniform Resource Locator) of the desired application hosting system destination. The Processing Engine 108 obtains a security code from the Security Code Generator 112 provided on the mobile communication device. In the examples described herein, the Security Code Generator 112 is described to be either an OATH generator 114 or a Pass code generator 116. Alternatively, both the OATH generator 114 and the Pass code generator 116 may be provided. The Processing Engine 108 attaches the security code received to the desired URL and sends it to the Application Hosting System 118 for authentication.
The mobile browser 110 is a module for launching web sites on the mobile communication device. An application hosting system may push a website on the mobile browser 110 when required.
The Authentication system 120 includes an Authentication Server 122. The Authentication system 120 includes a module responsible for building a byte code message which is sent to the Message Handler 106 of the mobile client 100. It also handles the response message from the Message Handler 106 and sends the message to the Authentication Server 122 for verification.
The Authentication Server 122 verifies the pass code and/ or OATH cryptogram, received by the Authentication system 120. An Application Hosting System 118 may also connect to the Authentication system 120 to authenticate a user by verifying the security code provided by the user.
The Application Hosting System 118 comprises of an application hosting server 128. The Application Hosting System 118 on being contacted by the mobile communication device with a request to access an application identifies the presence of a security code provisioned along with the URL. The Application Hosting Server 128 verifies the security code, and on a successful verification, the Application Hosting System 118 provides the requested application to the mobile communication device. The Application
Hosting System 118 may also include an Application Hosting System Web Interface 126 that is a module configured to communicate with the Application Hosting System 118 to securely provide the requested applications to the user.
An Authentication System Web User Interface 124 is a module supported by a Web User Interface Server and may be provided and configured to communicate with the Authentication System 120 to securely access applications.
With reference to Figure 1, a first embodiment is illustrated. A mobile user may access the User Interface 104 of the mobile client 100 and request access to an application (1). The Processing Engine 108 on receiving such a request from the User Interface 104 contacts the Security Code Generator 112 for a security code (2). The Security Code Generator 112 will generate and provide the Processing Engine 108 with the security code (3). The Processing Engine 108 generates the mobile communication device request and embeds the security code in the mobile communication device request for the application and launches a mobile browser 110 (4). The mobile browser 110 transmits the mobile communication device request along with the security code to the Application Hosting System 118 (5). The Application Hosting System 118 on identifying the presence of a security code may verify the security code itself (6) or may contact an Authentication system 120 for security code verification (6). On receiving the verification results (7), the Application Hosting System provides the requested application to the mobile communication device if the verification was successful (8).
The mobile client 100 may have a pre-defined list of applications and services. When the mobile user selects an application, a request including a dynamic byte code is sent to the Processing Engine 108 for execution. The Processing Engine 108 receives and executes the dynamic byte code. The executed byte code may contain information of an URL and the security code to be generated. The Processing Engine 108 obtains the specified security code and the Pass code generator 116 or the OATH generator 114, as the case may be, automatically generate a pass code or an OATH cryptogram and send it back to the Processing Engine 108. The Processing Engine 108 receives the security code and generates the mobile communication device request by attaching it to the byte code and sends it to the Application Hosting System 118 for verification.
Figure 2 illustrates the menu flow for accessing an application on the mobile client 100. The mobile user can identify and select an application by visiting the menu 'My Service Provider' on the mobile client 100 of the mobile phone. The 'My Service Provider' menu may consist of a list of the services or applications already available for the mobile user. On selecting an application or service that the user would like to access, for e.g. HDFC e-Banking, the Processing Engine 108 executes the byte code stored for that particular application after obtaining and appending the security code.
Figure 3 illustrates a byte code structure to launch the mobile browser 110 with a specific URL in accordance with an embodiment. The byte code structure may contain a length parameter, a command type, a previous parameter, a next parameter, number of items etc.
The executable byte code may consist of a sequence of LV's. LV represents the length (L) and the value (V) of the individual byte codes forming the executable byte code.
For each LV, the command type indicate an action/ command for execution, for example, command type 15 indicates the launch browser command. The previous and next parameter indicates which LV's precedes and follows this byte code. The number of items parameter indicates the number of items present in the byte code.
The byte code contains a protocol (i.e. item 1) to launch a specific URL. For example,
www.hdfcbank.com. The byte code also carries the byte called cryptogram byte (i.e. item 2) to indicate whether to attach the OATH cryptogram/ pass code with the URL for validation.
In case of OATH cryptogram, item 3 indicates if the OATH is genuine global OATH or an OATH reserved for specific application hosting system. The Processing Engine 108
determines the security code to be obtained and informs OATH generator 114 or Pass code generator 116 to generate the OATH cryptogram or the pass code whichever is needed by the application hosting system.
The OATH generator 114 or Pass code generator 116 automatically generates the OATH cryptogram or the pass code and sends it back to the Processing Engine 108 for execution. The Processing Engine 108 embeds the security code in the byte code and sends the byte code message including the URL and the OATH cryptogram or the pass code to the Application Hosting System 118 for verification. The Application Hosting System 118 identifies the presence of a security code and verifies the OATH cryptogram or the pass code and may also send the security code to the Authentication Server 122 of the Authentication system 120 for verification. If successfully verified, the application hosting system launches the requested application on the mobile browser 110 of the mobile phone.
Figure 4 is a schematic illustration of securely accessing an application from an Application Hosting System Web Interface 126 or an Authentication System Web User Interface 124 in accordance with an embodiment. The user may either access an Authentication System Web User Interface 124 or an Application Hosting System Web Interface 126 to access an application. The Authentication System Web User Interface 124 through a Web User Interface Server communicates the request to access the application to the Authentication system 120 (1A). The Application Hosting System Web Interface 126 may similarly communicate a request to access the application to the Application Hosting System 118 (1 B.1) and the Application Hosting System 118 may in turn communicate with the Authentication System 120 (1 B.2) to forward the request to the mobile communication device. In the embodiment illustrated, the Authentication System 120 builds the byte code message, which is sent to the Message Handler 106 of the mobile client 100 (2). In the embodiment illustrated the Message Handler 106 serves as the user interface 104. The Message Handler 106 verifies the details of the byte code message and forwards it to the Processing Engine 108 for execution (3). The Processing Engine 108 receives and executes the dynamic byte code. The dynamic byte code may contain information of an URL and pass code/ OATH cryptogram to be generated. The Processing Engine 108 determines the appropriate security code to be generated and contacts the specified Security Code Generator 112 to generate a pass code or an OATH cryptogram (4). The Pass Code Generator 116 and the OATH generator 114 generate a pass code or an OATH cryptogram and send it back to the Processing Engine 108 (5). The Processing Engine 108 receives the generated pass code or OATH cryptogram and embeds the relevant pass code or the OATH cryptogram to the byte code and sends the mobile communication device request to the Application Hosting System 118 for verification (6). The Application Hosting System 118 may send the dynamic byte code including a URL and the security code to the Application Hosting Server 128 for verification (7). The Application Hosting System 118 may alternatively forward the dynamic byte code or the security code to the Authentication Server 122 for validation (7). On receiving the verification results (8), the Application hosting system provides the requested application to the mobile communication device if the verification was successful (9).
Figure 5 illustrates a schematic diagram showing an Application Hosting System 118 pushing an application on the mobile client 100 in accordance with an embodiment. In the embodiment illustrated, the Application Hosting System 118 connects with the Authentication System 120 to provide the mobile communication device with the application. However, the Application Hosting System 118 may include the Authentication system 120 and may directly provide the user with the application.
The Application Hosting System 118 contacts the Authentication system 120 to push an
application on the mobile communication device (1B). Alternatively, a mobile user may send a message, such as an SMS to the Application Hosting System 118 to access the application (1A). The text may contain the name of service/ application requested. The application hosting system contacts the Authentication System 120 to push an application on the mobile communication device (1B).
The Authentication System 120 is responsible for building the byte code message, which is sent to the Message Handler 106 of the mobile client 100 (2). In the embodiment illustrated the message handler 106 serves as the user interface 104. The massage handler verifies the details of the byte code message and forwards it to the Processing Engine 108 for execution (3). The Processing Engine 108 receives and executes the dynamic byte code. The dynamic byte code may contain information of an URL and pass code/ OATH cryptogram to be generated. The Processing Engine 108 determines the appropriate security code to be generated and contacts the specified Security Code Generator 112 to generate a pass code or an OATH cryptogram (4). The Pass code generator 116 and the OATH generator 114 automatically generate a pass code or an OATH cryptogram and send it back to the Processing Engine 108 (5). The Processing Engine 108 receives the generated pass code or the OATH cryptogram and embeds the relevant pass code or OATH cryptogram to the byte code and sends the mobile communication device request to the Application Hosting System 118 for verification (6). The Application Hosting System 118 may send the byte code including a URL and the security code to the Application Hosting Server 128 for verification (7). The Application Hosting System 118 may alternatively forward the dynamic byte code to the Authentication Server 122 for validation (7). On receiving the verification results (8), the Application hosting system provides the requested application to the mobile communication device if the verification was successful (9).
The mobile communication device at the time of registration with the Application
Hosting System 118 or the Authentication System 120 is provided with the appropriate
Security Code Generator 112.
Figure 6 illustrates the validation or updation of the mobile client 100 or the Security
Code Generator 112 in accordance with an embodiment. The validation or updation may be done as background activity, not requiring user input or attention. The Authentication system 120 generates a message for checking validation of the mobile client 100 including the Security Code Generator 112 and sends it to the Message Handler 106 on the mobile client 100 (1). The Message Handler 106 verifies the contents of the message and sends it to the Processing Engine 108 for execution (2). The Processing Engine 108 receives and executes the message. The message may require a pass code/ OATH cryptogram to be generated and the Processing Engine 108 prompts the Pass code generator 116 or the OATH generator 114 to generate a pass code or an OATH cryptogram (3). The Pass code generator 116 and the OATH generator 114 generate a pass code or OATH cryptogram and send it back to the Processing Engine 108 (4). The engine receives the generated pass code or OATH cryptogram and sends it to the Message Handler 106 (5). The Message Handler 106 forwards it to the Authentication system 120 (6) which in turn forward it to the Authentication Server 122 for validation (7). The Authentication Server 122 validates the message and informs the Authentication system 120 (8).
According to an alternative embodiment, the application hosting server 118 is also configured to generate a message for checking validation of the mobile client 100.
The mobile communication device is any device used for communication over a wireless communication network and includes a mobile phone, a smart phone, a Personal Digital Assistant (PDA) or a pager.
SPECIFIC EMBODIMENTS ARE DESCRIBED BELOW
A method of providing an application from an application hosting system to a mobile communication device, comprising receiving from the mobile communication device a mobile communication device request to access the application, the mobile communication device request including a security code wherein the security code is generated by the mobile communication device and embedded in the mobile communication device request; determining the presence of a security code within the mobile communication device request and identifying the security code and verifying the security code for the mobile communication device, and on a successful verification providing the requested application to the mobile communication device.
Such method(s), wherein verifying the security code comprises transmitting the mobile communication device request to an authentication system for verification.
Such method(s), wherein the mobile communication device request is initiated at the authentication system by receiving a request to access the application from an interface in communication with the authentication system and wherein the request to access the application is transmitted by the authentication system to the mobile communication device for generating the mobile communication device request.
Such method(s), wherein the mobile communication device request is initiated at the application hosting system by receiving a request to access the application from a user interface in communication with the application hosting system and wherein the request to access the application is transmitted by the application hosting system to the mobile communication device for generating the mobile communication device request.
Such method(s), further comprising pre-registering the mobile communication device at the application hosting system.
Such method(s), further comprising pre-registering a mobile communication device at the authentication system.
Such method(s), wherein the mobile communication device request is an executable byte code. FURTHER SPECIFIC EMBODIMENTS ARE DESCRIBED BELOW
A system for accessing an application from an application hosting system, comprising
a user interface configured to be provisioned on a mobile communication device and further configured to receive a user request to access the application from the application hosting system on the mobile communication device, a processing engine configured to be provisioned on a mobile communication device and further configured to generate a mobile communication device request to access the application from the application hosting system on the mobile communication device,
a security code generator configured to generate a security code and to transmit the security code to the processing engine such that the processing engine configured to obtain a security code from the security code generator in response to the user request and to embed the security code obtained from the security code generator within the mobile communication device request and a mobile browser configured to transmit to the application hosting system the mobile communication device request including the embedded security code.
Such system(s), wherein the processing engine is further configured to include in the mobile communication device request a Uniform Resource Locator link with a security code embedded therein.
Such system(s), wherein the mobile communication device request is an executable byte code.
Such system(s), wherein the security code is an open authentication standard code or a proprietary security code.
FURTHER SPECIFIC EMBODIMENTS ARE DESCRIBED BELOW
An application hosting system for providing an application to a mobile
communication device, comprising a mobile interface configured to communicate with a
mobile communication device and further configured to receive a mobile communication
device request from a mobile communication device; the mobile communication device
request including a security code generated by the mobile communication device and
embedded in the mobile communication device request and an authentication processor operatively communicating with the mobile interface and configured to determine the presence of a security code within the mobile communication device request; the authentication processor further configured to verify the security code for the mobile communication device and on a successful verification providing the requested application to the mobile communication device.
Such application hosting system(s), further comprising an authentication system in communication connection with it, the application hosting system configured to transmit the security code to the authentication system for verification.
Such application hosting system(s), wherein the authentication system further comprising a web interface configured to receive a request to access the application and wherein the authentication system configured to transmit the request to access the application to the mobile communication device for generating the mobile communication device request.
Such application hosting system(s), wherein the mobile communication device request is an executable byte code.
While specific language has been used to describe the invention, any limitations arising on account of the same are not intended. As would be apparent to a person in the art, various working modifications may be made to the system in order to implement the inventive concept as taught herein.
We claim:
1. A method of providing an application from an application hosting system to a mobile communication device, comprising:
● receiving from the mobile communication device a mobile communication
device request to access the application; the mobile communication device
request including a security code wherein the security code is generated by the
mobile communication device and embedded in the mobile communication
device request;
● determining the presence of a security code within the mobile communication
device request and identifying the security code; and
● verifying the security code for the mobile communication device, and on a
successful verification providing the requested application to the mobile
communication device.
2. A method as claimed in claim 1 wherein verifying the security code comprises transmitting the mobile communication device request to an authentication system for verification.
3. A method as claimed in claim 2 wherein the mobile communication device request is initiated at the authentication system by receiving a request to access the application from an interface in communication with the authentication system and wherein the request to access the application is transmitted by the authentication system to the mobile communication device for generating the mobile communication device request.
4. A method as claimed in claim 1 wherein the mobile communication device request is initiated at the application hosting system by receiving a request to access the application from a user interface in communication with the application hosting system and wherein the request to access the application is transmitted by the application hosting system to the mobile communication device for generating the mobile communication device request.
5. A method as claimed in claim 1 further comprising pre-registering the mobile communication device at the application hosting system.
6. A method as claimed in claim 2 further comprising pre-registering a mobile communication device at the authentication system.
7. A method as claimed in claim 1 wherein the mobile communication device request is an executable byte code.
8. A system for accessing an application from an application hosting system, comprising:
• a user interface configured to be provisioned on a mobile communication
device and further configured to receive a user request to access the
application from the application hosting system on the mobile communication
device;
● a processing engine configured to be provisioned on a mobile communication
device and further configured to generate a mobile communication device request to access the application from the application hosting system on the mobile communication device,
● a security code generator configured to generate a security code and to
transmit the security code to the processing engine such that the processing
engine configured to obtain a security code from the security code generator in
response to the user request and to embed the security code obtained from the
security code generator within the mobile communication device request; and
● a mobile browser configured to transmit to the application hosting system the
mobile communication device request including the embedded security code.
9. A system as claimed in claim 8 wherein the processing engine is further configured to include in the mobile communication device request a Uniform Resource Locator link with a security code embedded therein.
10. A system as claimed in claim 8 wherein the mobile communication device request is an executable byte code.
11. A system as claimed in claim 8 wherein the security code is an open authentication standard code or a proprietary security code.
12. An application hosting system for providing an application to a mobile communication device, comprising:
● a mobile interface configured to communicate with a mobile communication
device and further configured to receive a mobile communication device
request from a mobile communication device; the mobile communication
device request including a security code generated by the mobile communication device and embedded in the mobile communication device request; and
● an authentication processor operatively communicating with the mobile interface and configured to determine the presence of a security code within the mobile communication device request; the authentication processor further configured to verify the security code for the mobile communication device and on a successful verification providing the requested application to the mobile communication device.
13. An application hosting system as claimed in claim 12 further comprising an authentication system in communication connection with it, the application hosting system configured to transmit the security code to the authentication system for verification.
14. An application hosting system as claimed in claim 13 wherein the authentication system further comprising a web interface configured to receive a request to access the application and wherein the authentication system configured to transmit the request to access the application to the mobile communication device for generating the mobile communication device request.
15. An application hosting system as claimed in claim 12 further comprising a user interface configured to receive a request to access the application and wherein the application hosting system configured to transmit the request to access the application to the mobile communication device for generating the mobile communication device request.
16. An application hosting system as claimed in claim 12 wherein the mobile communication device request is an executable byte code.
17. A method of providing an application from an application hosting system to a mobile communication device substantially as herein described with reference to and as illustrated by the accompanying drawings.
18. A system for accessing an application from an application hosting system substantially as herein described with reference to and as illustrated by the accompanying drawings.
19. An application hosting system for providing an application to a mobile communication device substantially as herein described with reference to and as illustrated by the accompanying drawings.
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 1168-CHE-2009 FORM-1.pdf | 2012-03-14 |
| 1 | 1168-CHE-2009 POWER OF ATTORNEY 05-06-2009.pdf | 2009-06-05 |
| 2 | 1168-CHE-2009 FORM-1 05-06-2009.pdf | 2009-06-05 |
| 2 | 1168-che-2009 correspondance others.pdf | 2011-09-03 |
| 3 | 1168-che-2009 descrition(provitional).pdf | 2011-09-03 |
| 3 | 1168-CHE-2009 CORRESPONDENCE 05-06-2009.pdf | 2009-06-05 |
| 4 | 1168-che-2009 description(complete) 21-05-2010.pdf | 2010-05-21 |
| 4 | 1168-che-2009 abstract 21-05-2010.pdf | 2010-05-21 |
| 5 | 1168-CHE-2009 CLAIMS 21-05-2010.pdf | 2010-05-21 |
| 5 | 1168-che-2009 correspondence others 21-05-2010.pdf | 2010-05-21 |
| 6 | 1168-che-2009 form-5 21-05-2010.pdf | 2010-05-21 |
| 6 | 1168-che-2009 drawings 21-05-2010.pdf | 2010-05-21 |
| 7 | 1168-che-2009 form-3 21-05-2010.pdf | 2010-05-21 |
| 7 | 1168-che-2009 form-1 21-05-2010.pdf | 2010-05-21 |
| 8 | 1168-che-2009 form-2 21-05-2010.pdf | 2010-05-21 |
| 9 | 1168-che-2009 form-3 21-05-2010.pdf | 2010-05-21 |
| 9 | 1168-che-2009 form-1 21-05-2010.pdf | 2010-05-21 |
| 10 | 1168-che-2009 drawings 21-05-2010.pdf | 2010-05-21 |
| 10 | 1168-che-2009 form-5 21-05-2010.pdf | 2010-05-21 |
| 11 | 1168-CHE-2009 CLAIMS 21-05-2010.pdf | 2010-05-21 |
| 11 | 1168-che-2009 correspondence others 21-05-2010.pdf | 2010-05-21 |
| 12 | 1168-che-2009 description(complete) 21-05-2010.pdf | 2010-05-21 |
| 12 | 1168-che-2009 abstract 21-05-2010.pdf | 2010-05-21 |
| 13 | 1168-che-2009 descrition(provitional).pdf | 2011-09-03 |
| 13 | 1168-CHE-2009 CORRESPONDENCE 05-06-2009.pdf | 2009-06-05 |
| 14 | 1168-CHE-2009 FORM-1 05-06-2009.pdf | 2009-06-05 |
| 14 | 1168-che-2009 correspondance others.pdf | 2011-09-03 |
| 15 | 1168-CHE-2009 POWER OF ATTORNEY 05-06-2009.pdf | 2009-06-05 |
| 15 | 1168-CHE-2009 FORM-1.pdf | 2012-03-14 |